The Health Insurance Portability and Accountability Act (HIPAA), through its Privacy Rule, Security Rule, and Breach Notification Rule, sets the federal standard for protecting health information in the United States. It applies to covered entities, health plans, providers, and clearinghouses, and to the business associates that handle protected health information (PHI) on their behalf. The Security Rule requires administrative, physical, and technical safeguards, and the HHS Office for Civil Rights enforces it with investigations and penalties.
In healthcare GRC, HIPAA is the baseline every program is built on, and it is increasingly entangled with AI, as health systems and digital-health companies deploy models on exactly the data HIPAA protects. Roles in this space want people who can run a HIPAA program, manage business-associate risk, and handle breaches, often alongside HITRUST certification.
HIPAA: Frequently Asked Questions
Who must comply with HIPAA?
Covered entities (health plans, health care providers, and clearinghouses) and their business associates that create, receive, maintain, or transmit protected health information.
What are the main HIPAA rules?
The Privacy Rule, the Security Rule, and the Breach Notification Rule, governing the use, protection, and breach reporting of protected health information.
Who enforces HIPAA?
The US Department of Health and Human Services Office for Civil Rights (OCR), which investigates complaints and can impose civil and, in some cases, criminal penalties.
Open HIPAA GRC roles (44)
Director, Governance, Risk, and Compliance (GRC)
Clover Health
Remote · Dallas, TX · Remote · Full-time
$212k to $230k Governance Posted Jun 13, 2026
Governance, Risk & Compliance (GRC) Manager
Sigma Computing
On-site · San Francisco, CA · Full-time
$190k to $215k Featured Governance Posted Jun 13, 2026
Senior GRC Engineer
Lantern
Hybrid · Dallas, TX · Full-time
Featured Governance Posted Jun 13, 2026
Manager, GRC Subject Matter Experts, Product
Vanta
Remote · Raleigh, NC · Remote · Full-time
Featured Governance Posted Jun 13, 2026
Privacy and AI Counsel
Lyra Health
Remote · Jacksonville, FL · Remote · Full-time
$134k to $184k Featured Privacy CIPP AIGP Posted Jun 13, 2026
Assistant General Counsel, Privacy
Memorial Sloan Kettering Cancer Center (MSKCC)
On-site · New York, NY · Full-time
$138k to $227k Featured Privacy Posted Jun 13, 2026
Cybersecurity Business Systems Analyst II
Banner Health
Remote · Remote · Full-time
$90k to $120k Featured Cybersecurity Posted Jun 13, 2026
Director of Quality and Corporate Compliance
Gurwin Healthcare System
On-site · Commack, New York · Full-time
Featured Compliance Posted Jul 1, 2026
Chief Information Security Officer
Texas Children's Hospital
On-site · Houston, TX · Full-time
Featured Governance CISM CISSP Posted Jul 14, 2026
Data and AI Governance Lead, Computing Services
Carnegie Mellon University
On-site · Pittsburgh, PA · Full-time
Featured AI Governance AIGP Posted Jul 15, 2026
Health System Privacy Officer
University of Missouri Health Care
On-site · Columbia, Missouri · Full-time
$146k to $238k Featured Privacy Posted Jun 14, 2026
Director, Governance, Risk, and Compliance (GRC)
Clover Health
Remote · Miami, Florida · Full-time
$212k Featured Compliance CISM CRISC Posted Jun 25, 2026
VP of Information Security
Lyra Health
Remote · Jacksonville, Florida · Full-time
Featured Privacy Posted Jun 25, 2026
Security GRC Manager
Hex
Remote · Remote · Full-time
$182k to $295k Featured Governance Posted Jun 29, 2026
Senior GRC Specialist
Cohere
On-site · Toronto · Full-time
$140k to $220k Featured Governance Posted Jun 13, 2026
Governance, Risk & Compliance (GRC) Manager
Sigma Computing
On-site · New York City, NY · Full-time
$190k to $215k Featured Compliance CISA CISM CRISC Posted Jun 22, 2026
Senior AI GRC Engineer
Vanta
Remote · . · Remote · Full-time
Featured AI Governance Posted Jun 13, 2026
Senior Manager, GRC Subject Matter Experts, Product
Vanta
Remote · . · Remote · Full-time
Featured Governance CISA CISSP CIPM Posted Jun 13, 2026
Senior Compliance Advisor
Drata
Remote · Remote · Full-time
Featured Compliance CISA CRISC CISSP Posted Jun 13, 2026
Security GRC Manager: Customer Trust Enablement
Sierra
On-site · San Francisco, CA · Full-time
Featured Governance CISA CISM CRISC Posted Jun 13, 2026
Senior Software Engineer, Trust and Third Party Risk Management
Vanta
Remote · . · Remote · Full-time
Featured Risk Posted Jun 26, 2026
Staff+ Software Engineer, Privacy
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$405k Featured Privacy Posted Jun 13, 2026
Security Controls Assurance Lead
Anthropic
On-site · San Francisco, CA, NY Washington · Full-time
$345k Featured Governance Posted Jun 20, 2026
Sr. Compliance Analyst
Cohere Health
On-site · Hyderabad, Telangana, India · Full-time
Featured Compliance Posted Jun 13, 2026
Senior Governance, Risk, & Compliance Program Manager
Dropbox
Remote · US: Select locations · Remote · Full-time
Featured Compliance CISA CISSP CIPP Posted Jul 13, 2026
Staff Security Assurance Engineer
Databricks
Remote · Washington D.C. · Remote · Full-time
Featured Governance Top Secret Posted Jun 20, 2026
Senior Governance, Risk, Compliance (GRC) Analyst
Headway
On-site · San Francisco, CA · Full-time
$162k Featured Compliance Posted Jun 17, 2026
Engineering Manager, GRC Platform
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$405k Featured Governance Posted Jun 13, 2026
Staff+ Software Engineer, GRC Platform
Anthropic
On-site · San Francisco, CA, NY Seattle · Full-time
$405k Featured Governance Posted Jun 13, 2026
Senior GRC Analyst
Garner Health
Remote · Remote · Full-time
$143k to $165k Featured Governance CISA CISM CRISC Posted Jul 3, 2026
Sr. Staff Security Assurance Engineer
Databricks
On-site · Mountain View, California · Full-time
Featured Governance Posted Jun 20, 2026
Head of Regulatory & Compliance
Garner Health
Remote · Remote · Full-time
$240k to $270k Featured Compliance Posted Jun 13, 2026
Senior Security Engineer I, GRC
Oscar Health
On-site · New York, NY · Full-time
$164k Featured Governance CISA CISM CISSP Posted Jun 13, 2026
GRC Pre-Sales Consultant / Solutions Engineer – DACH market, EMEA
Vanta
On-site · London, UK · Full-time
Featured Governance Posted Jun 28, 2026
Senior Manager, Audit Partnerships
Vanta
Remote · . · Remote · Full-time
Featured Audit Posted Jun 13, 2026
Senior HR Compliance Manager
Commure
On-site · Mountain View, CA · Full-time
Featured Compliance Posted Jun 13, 2026
Senior Internal Auditor
Albany Medical Center
On-site · 43 New Scotland Avenue Albany, NY · Full-time
$85k to $131k Featured Audit CIA Posted Jun 22, 2026
Rev Cycle Internal Auditor
Albany Medical Center
On-site · 66 Hackett Blvd Albany, NY · Full-time
Featured Audit Posted Jun 22, 2026
Senior Claims Auditor - DRG
Cohere Health
On-site · United States · Full-time
$35 to $42/hr Featured Audit Posted Jun 13, 2026
Senior DRG Auditor (Disputes)
Cohere Health
On-site · United States · Full-time
$35 to $42/hr Featured Audit Posted Jun 26, 2026
Senior Associate, PCI Assurance
Thoropass
On-site · United States · Full-time
$110k to $130k Featured Governance CISA CISSP Posted Jun 20, 2026
IT CYBERSECURITY SPECIALIST (INFOSEC)(T32)
Army National Guard Units
On-site · Montgomery, Alabama · Full-time
$106k to $138k Featured Cybersecurity Posted Jun 25, 2026
Director of Security, GRC
Aledade
Remote · Remote · Full-time
Featured Governance CISA CISM CRISC Posted Jun 13, 2026
Senior Vice President, IT and Chief Data Officer
iRhythm Technologies
Remote · Remote · Full-time
Featured Data Governance Posted Jun 13, 2026